Add gnu static binary build support

crazywhalecc · crazywhalecc · commit 779ae83fdc53 · 2025-03-11T13:50:46.000+08:00
diff --git a/build-static.sh b/build-static.sh
@@ -10,8 +10,51 @@ fi
 
 arch="$(uname -m)"
 os="$(uname -s | tr '[:upper:]' '[:lower:]')"
-# FIXME: re-enable PHP errors when SPC will be compatible with PHP 8.4
-spcCommand="php -ddisplay_errors=Off ./bin/spc"
+
+# Supported variables:
+# - PHP_VERSION: PHP version to build (default: "8.4")
+# - PHP_EXTENSIONS: PHP extensions to build (default: ${defaultExtensions} set below)
+# - PHP_EXTENSION_LIBS: PHP extension libraries to build (default: ${defaultExtensionLibs} set below)
+# - FRANKENPHP_VERSION: FrankenPHP version (default: current Git commit)
+# - EMBED: Path to the PHP app to embed (default: none)
+# - DEBUG_SYMBOLS: Enable debug symbols if set to 1 (default: none)
+# - MIMALLOC: Use mimalloc as the allocator if set to 1 (default: none)
+# - XCADDY_ARGS: Additional arguments to pass to xcaddy
+# - RELEASE: [maintainer only] Create a GitHub release if set to 1 (default: none)
+
+# - SPC_REL_TYPE: Release type to download (accept "source" and "binary", default: "source")
+# - SPC_OPT_BUILD_ARGS: Additional arguments to pass to spc build
+# - SPC_OPT_DOWNLOAD_ARGS: Additional arguments to pass to spc download
+# - SPC_BUILD_GNU: Set to 1 to build with GNU toolchain (default: musl toolchain)
+
+# init spc command, if we use spc binary, just use it instead of fetching source
+if [ -z "${SPC_REL_TYPE}" ]; then
+    SPC_REL_TYPE="source"
+fi
+# init spc build additional args
+if [ -z "${SPC_OPT_BUILD_ARGS}" ]; then
+    SPC_OPT_BUILD_ARGS="--debug"
+fi
+# init spc download additional args
+if [ -z "${SPC_OPT_DOWNLOAD_ARGS}" ]; then
+    SPC_OPT_DOWNLOAD_ARGS="--prefer-pre-built --debug --ignore-cache-sources=php-src"
+fi
+# linux build need to disable opcache jit
+if [ "${os}" = "linux" ]; then
+    SPC_OPT_BUILD_ARGS="${SPC_OPT_BUILD_ARGS} --disable-opcache-jit"
+fi
+# if we need debug symbols, disable strip
+if [ -n "${DEBUG_SYMBOLS}" ]; then
+    SPC_OPT_BUILD_ARGS="${SPC_OPT_BUILD_ARGS} --no-strip"
+fi
+# php version to build
+if [ -z "${PHP_VERSION}" ]; then
+	export PHP_VERSION="8.4"
+fi
+# default extension set
+defaultExtensions="apcu,bcmath,bz2,calendar,ctype,curl,dba,dom,exif,fileinfo,filter,ftp,gd,gmp,gettext,iconv,igbinary,imagick,intl,ldap,mbregex,mbstring,mysqli,mysqlnd,opcache,openssl,parallel,pcntl,pdo,pdo_mysql,pdo_pgsql,pdo_sqlite,pgsql,phar,posix,protobuf,readline,redis,session,shmop,simplexml,soap,sockets,sodium,sqlite3,ssh2,sysvmsg,sysvsem,sysvshm,tidy,tokenizer,xlswriter,xml,xmlreader,xmlwriter,zip,zlib,yaml,zstd"
+defaultExtensionLibs="bzip2,freetype,libavif,libjpeg,liblz4,libwebp,libzip,nghttp2"
+
 md5binary="md5sum"
 if [ "${os}" = "darwin" ]; then
 	os="mac"
@@ -35,32 +78,6 @@ else
 	fpie="-fpie"
 fi
 
-if [ -z "${PHP_EXTENSIONS}" ]; then
-	if [ -n "${EMBED}" ] && [ -f "${EMBED}/composer.json" ]; then
-		cd "${EMBED}"
-		# read the composer.json file and extract the required PHP extensions
-		# remove internal extensions from the list: https://github.com/crazywhalecc/static-php-cli/blob/4b16631d45a57370b4747df15c8f105130e96d03/src/globals/defines.php#L26-L34
-		PHP_EXTENSIONS="$(composer check-platform-reqs --no-dev 2>/dev/null | grep ^ext | sed -e 's/^ext-core//' -e 's/^ext-hash//' -e 's/^ext-json//' -e 's/^ext-pcre//' -e 's/^ext-reflection//' -e 's/^ext-spl//' -e 's/^ext-standard//' -e 's/^ext-//' -e 's/ .*//' | xargs | tr ' ' ',')"
-		export PHP_EXTENSIONS
-		cd -
-	else
-		export PHP_EXTENSIONS="apcu,bcmath,bz2,calendar,ctype,curl,dba,dom,exif,fileinfo,filter,ftp,gd,gmp,gettext,iconv,igbinary,imagick,intl,ldap,mbregex,mbstring,mysqli,mysqlnd,opcache,openssl,parallel,pcntl,pdo,pdo_mysql,pdo_pgsql,pdo_sqlite,pgsql,phar,posix,protobuf,readline,redis,session,shmop,simplexml,soap,sockets,sodium,sqlite3,ssh2,sysvmsg,sysvsem,sysvshm,tidy,tokenizer,xlswriter,xml,xmlreader,xmlwriter,zip,zlib,yaml,zstd"
-	fi
-fi
-
-if [ -z "${PHP_EXTENSION_LIBS}" ]; then
-	export PHP_EXTENSION_LIBS="bzip2,freetype,libavif,libjpeg,liblz4,libwebp,libzip,nghttp2"
-fi
-
-# The Brotli library must always be built as it is required by http://github.com/dunglas/caddy-cbrotli
-if ! echo "${PHP_EXTENSION_LIBS}" | grep -q "\bbrotli\b"; then
-	export PHP_EXTENSION_LIBS="${PHP_EXTENSION_LIBS},brotli"
-fi
-
-if [ -z "${PHP_VERSION}" ]; then
-	export PHP_VERSION="8.4"
-fi
-
 if [ -z "${FRANKENPHP_VERSION}" ]; then
 	FRANKENPHP_VERSION="$(git rev-parse --verify HEAD)"
 	export FRANKENPHP_VERSION
@@ -98,14 +115,6 @@ else
 	cd dist/
 	echo -n "${cache_key}" >cache_key
 
-	if [ -d "static-php-cli/" ]; then
-		cd static-php-cli/
-		git pull
-	else
-		git clone --depth 1 https://github.com/crazywhalecc/static-php-cli
-		cd static-php-cli/
-	fi
-
 	if type "brew" >/dev/null 2>&1; then
 		if ! type "composer" >/dev/null; then
 			packages="composer"
@@ -123,20 +132,48 @@ else
 		fi
 	fi
 
-	composer install --no-dev -a
-
-	if [ "${os}" = "linux" ]; then
-		extraOpts="--disable-opcache-jit"
-	fi
-
-	if [ -n "${DEBUG_SYMBOLS}" ]; then
-		extraOpts="${extraOpts} --no-strip"
-	fi
+	if [ "${SPC_REL_TYPE}" = "binary" ]; then
+	    mkdir static-php-cli/
+	    cd static-php-cli/
+	    curl -o spc -fsSL https://dl.static-php.dev/static-php-cli/spc-bin/nightly/spc-linux-$(uname -m)
+        chmod +x spc
+        spcCommand="./spc"
+    elif [ -d "static-php-cli/src" ]; then
+        cd static-php-cli/
+        git pull
+        composer install --no-dev -a
+        spcCommand="./bin/spc"
+    else
+        git clone --depth 1 https://github.com/crazywhalecc/static-php-cli --branch main
+        cd static-php-cli/
+        composer install --no-dev -a
+        spcCommand="./bin/spc"
+    fi
+
+    # extensions to build
+    if [ -z "${PHP_EXTENSIONS}" ]; then
+        # enable EMBED mode, first check if project has dumped extensions
+        if [ -n "${EMBED}" ] && [ -f "${EMBED}/composer.json" ] && [ -f "${EMBED}/composer.lock" ] && [ -f "${EMBED}/vendor/installed.json" ]; then
+            cd "${EMBED}"
+            # read the extensions using spc dump-extensions
+            PHP_EXTENSIONS=$(${spcCommand} dump-extensions "${EMBED}" --format=text --no-dev --no-ext-output="${defaultExtensions}")
+        else
+            PHP_EXTENSIONS="${defaultExtensions}"
+        fi
+    fi
+    # additional libs to build
+    if [ -z "${PHP_EXTENSION_LIBS}" ]; then
+        PHP_EXTENSION_LIBS="${defaultExtensionLibs}"
+    fi
+    # The Brotli library must always be built as it is required by http://github.com/dunglas/caddy-cbrotli
+    if ! echo "${PHP_EXTENSION_LIBS}" | grep -q "\bbrotli\b"; then
+        PHP_EXTENSION_LIBS="${PHP_EXTENSION_LIBS},brotli"
+    fi
 
 	${spcCommand} doctor --auto-fix
-	${spcCommand} download --with-php="${PHP_VERSION}" --for-extensions="${PHP_EXTENSIONS}" --for-libs="${PHP_EXTENSION_LIBS}" --ignore-cache-sources=php-src --prefer-pre-built
+	${spcCommand} download --with-php="${PHP_VERSION}" --for-extensions="${PHP_EXTENSIONS}" --for-libs="${PHP_EXTENSION_LIBS}" ${SPC_OPT_DOWNLOAD_ARGS}
 	# shellcheck disable=SC2086
-	${spcCommand} build --debug --enable-zts --build-embed ${extraOpts} "${PHP_EXTENSIONS}" --with-libs="${PHP_EXTENSION_LIBS}"
+	${spcCommand} build --enable-zts --build-embed ${SPC_OPT_BUILD_ARGS} "${PHP_EXTENSIONS}" --with-libs="${PHP_EXTENSION_LIBS}"
 fi
 
 if ! type "go" >/dev/null 2>&1; then
@@ -166,7 +203,12 @@ curl -f --retry 5 "${curlGitHubHeaders[@]}" https://api.github.com/repos/e-dant/
 	xargs curl -fL --retry 5 "${curlGitHubHeaders[@]}" |
 	tar xz --strip-components 1
 cd watcher-c
-cc -c -o libwatcher-c.o ./src/watcher-c.cpp -I ./include -I ../include -std=c++17 -Wall -Wextra "${fpic}"
+if [ -z "${CC}" ]; then
+    watcherCC=cc
+else
+    watcherCC="${CC}"
+fi
+${watcherCC} -c -o libwatcher-c.o ./src/watcher-c.cpp -I ./include -I ../include -std=c++17 -Wall -Wextra "${fpic}"
 ar rcs libwatcher-c.a libwatcher-c.o
 cp libwatcher-c.a ../../buildroot/lib/libwatcher-c.a
 mkdir -p ../../buildroot/include/wtr
@@ -302,9 +344,15 @@ fi
 
 go env
 cd caddy/
+if [ -z "${SPC_BUILD_GNU}" ]; then
+    xcaddyGoBuildFlags="-buildmode=pie -tags cgo,netgo,osusergo,static_build,nobadger,nomysql,nopgx -ldflags \"-linkmode=external -extldflags '-static-pie ${extraExtldflags}' ${extraLdflags} -X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP ${FRANKENPHP_VERSION} PHP ${LIBPHP_VERSION} Caddy'\""
+else
+    xcaddyGoBuildFlags="-buildmode=pie -tags cgo,netgo,osusergo,nobadger,nomysql,nopgx -ldflags \"-linkmode=external -extldflags '-pie ${extraExtldflags}' ${extraLdflags} -X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP ${FRANKENPHP_VERSION} PHP ${LIBPHP_VERSION} Caddy'\""
+fi
+
 # shellcheck disable=SC2086
 CGO_ENABLED=1 \
-	XCADDY_GO_BUILD_FLAGS="-buildmode=pie -tags cgo,netgo,osusergo,static_build,nobadger,nomysql,nopgx -ldflags \"-linkmode=external -extldflags '-static-pie ${extraExtldflags}' ${extraLdflags} -X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP ${FRANKENPHP_VERSION} PHP ${LIBPHP_VERSION} Caddy'\"" \
+	XCADDY_GO_BUILD_FLAGS=${xcaddyGoBuildFlags} \
 	XCADDY_DEBUG="${XCADDY_DEBUG}" \
 	${XCADDY_COMMAND} build \
 	--output "../dist/${bin}" \
diff --git a/gnu-static.Dockerfile b/gnu-static.Dockerfile
@@ -0,0 +1,134 @@
+FROM centos:7
+
+ARG FRANKENPHP_VERSION=''
+ENV FRANKENPHP_VERSION=${FRANKENPHP_VERSION}
+
+ARG PHP_VERSION=''
+ENV PHP_VERSION=${PHP_VERSION}
+
+# args passed to static-php-cli
+ARG PHP_EXTENSIONS=''
+ARG PHP_EXTENSION_LIBS=''
+
+# args passed to xcaddy
+ARG XCADDY_ARGS=''
+ARG CLEAN=''
+ARG EMBED=''
+ARG DEBUG_SYMBOLS=''
+ARG MIMALLOC=''
+ARG NO_COMPRESS=''
+
+# go version
+ENV GO_VERSION=1.24.1
+
+# labels, same as static-builder.Dockerfile
+LABEL org.opencontainers.image.title=FrankenPHP
+LABEL org.opencontainers.image.description="The modern PHP app server"
+LABEL org.opencontainers.image.url=https://frankenphp.dev
+LABEL org.opencontainers.image.source=https://github.com/dunglas/frankenphp
+LABEL org.opencontainers.image.licenses=MIT
+LABEL org.opencontainers.image.vendor="Kévin Dunglas"
+
+# yum update
+RUN sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo && \
+    sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo && \
+    sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo && \
+    yum clean all && \
+    yum makecache && \
+    yum update -y && \
+    yum install -y centos-release-scl
+
+# different arch for different scl repo
+RUN if [ "$(uname -m)" = "aarch64" ]; then \
+        sed -i 's|mirror.centos.org/centos|vault.centos.org/altarch|g' /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo ; \
+        sed -i 's|mirror.centos.org/centos|vault.centos.org/altarch|g' /etc/yum.repos.d/CentOS-SCLo-scl.repo ; \
+        sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo ; \
+        sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo ; \
+    else \
+        sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo ; \
+        sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo ; \
+        sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo ; \
+    fi ; \
+    yum update -y && \
+    yum install -y devtoolset-10-gcc-* && \
+    echo "source scl_source enable devtoolset-10" >> /etc/bashrc && \
+    source /etc/bashrc
+
+# install newer cmake to build some newer libs
+RUN curl -o cmake.tgz -fsSL https://github.com/Kitware/CMake/releases/download/v3.31.4/cmake-3.31.4-linux-$(uname -m).tar.gz && \
+    mkdir /cmake && \
+    tar -xzf cmake.tgz -C /cmake --strip-components 1 && \
+    rm cmake.tgz
+
+# install build essentials
+RUN yum install -y \
+        perl \
+        make \
+        bison \
+        flex \
+        git \
+        autoconf \
+        automake \
+        tar \
+        unzip \
+        gzip \
+        gcc \
+        bzip2 \
+        patch \
+        xz \
+        libtool \
+        perl-IPC-Cmd ; \
+    curl -o make.tgz -fsSL https://ftp.gnu.org/gnu/make/make-4.4.tar.gz && \
+    tar -zxvf make.tgz && \
+    rm make.tgz && \
+    cd make-4.4 && \
+    ./configure && \
+    make && \
+    make install && \
+    ln -sf /usr/local/bin/make /usr/bin/make ; \
+    if [ "$(uname -m)" = "aarch64" ]; then \
+        GO_ARCH="arm64" ; \
+    else \
+        GO_ARCH="amd64" ; \
+    fi ; \
+    curl -o go.tgz -fsSL https://go.dev/dl/go${GO_VERSION}.linux-${GO_ARCH}.tar.gz && \
+    rm -rf /usr/local/go && \
+    tar -C /usr/local -xzf go.tgz && \
+    rm go.tgz && \
+    /usr/local/go/bin/go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
+
+ENV PATH="/cmake/bin:/usr/local/go/bin:$PATH"
+
+# Apply gnu mode
+ENV SPC_SKIP_DOCTOR_CHECK_ITEMS='if musl-wrapper is installed,if musl-cross-make is installed'
+ENV CC='/opt/rh/devtoolset-10/root/usr/bin/gcc'
+ENV CXX='/opt/rh/devtoolset-10/root/usr/bin/g++'
+ENV AR='/opt/rh/devtoolset-10/root/usr/bin/ar'
+ENV LD='/opt/rh/devtoolset-10/root/usr/bin/ld'
+ENV SPC_DEFAULT_C_FLAGS='-fPIE -fPIC'
+ENV SPC_NO_MUSL_PATH='yes'
+ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LDFLAGS_PROGRAM='-Wl,-O1 -pie'
+ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LIBS='-ldl -lpthread -lm -lresolv -lutil -lrt'
+ENV SPC_OPT_DOWNLOAD_ARGS='--debug --ignore-cache-sources=php-src'
+ENV SPC_OPT_BUILD_ARGS='--debug --libc=glibc'
+ENV SPC_REL_TYPE='binary'
+ENV SPC_BUILD_GNU='yes'
+
+# not sure if this is needed
+ENV COMPOSER_ALLOW_SUPERUSER=1
+
+WORKDIR /go/src/app
+COPY go.mod go.sum ./
+RUN go mod graph | awk '{if ($1 !~ "@") print $2}' | xargs go get
+
+WORKDIR /go/src/app/caddy
+COPY caddy/go.mod caddy/go.sum ./
+RUN go mod graph | awk '{if ($1 !~ "@") print $2}' | xargs go get
+
+WORKDIR /go/src/app
+COPY --link *.* ./
+COPY --link caddy caddy
+COPY --link internal internal
+
+RUN --mount=type=secret,id=github-token ./build-static.sh && \
+	rm -Rf dist/static-php-cli/source/*
